Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/kWlbajLT3oWxqxE3gffCQHqCWHM.roa
File: kWlbajLT3oWxqxE3gffCQHqCWHM.roa (raw, json)
Hash identifier: DZ3f9M7b382od72T/F6H5ByHy+dVO8wT6ZXIu3gfGcU=
Subject key identifier: 91:69:5B:6A:32:D3:DE:85:B1:AB:11:37:81:F7:C2:40:7A:82:58:73
Certificate issuer: /CN=f12465bd246f22311ce9b05eeb49f7b7914b2a0a
Certificate serial: 019422203F3F17CDC224C2CEB218FA23EC12
Authority key identifier: F1:24:65:BD:24:6F:22:31:1C:E9:B0:5E:EB:49:F7:B7:91:4B:2A:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8SRlvSRvIjEc6bBe60n3t5FLKgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/kWlbajLT3oWxqxE3gffCQHqCWHM.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204056
IP address blocks: 2a07:2700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3f:3f:17:cd:c2:24:c2:ce:b2:18:fa:23:ec:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f12465bd246f22311ce9b05eeb49f7b7914b2a0a
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91695b6a32d3de85b1ab113781f7c2407a825873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:f5:00:16:0d:ae:f4:45:21:fb:6b:a6:f1:
98:91:40:4b:38:cf:78:35:b1:7d:0f:7e:a7:b9:dc:
22:b7:33:a5:5d:68:47:6c:47:2c:47:85:16:26:c2:
c0:7d:73:d4:a9:14:99:c6:a4:51:a0:b4:03:b9:62:
de:de:f4:92:1f:50:c5:3b:5f:f8:c7:b9:ee:58:e3:
8d:c1:01:e2:85:96:a4:71:a1:7b:10:97:72:9b:09:
83:0f:81:6a:d3:3c:5f:60:3b:e6:eb:ae:a2:70:3d:
22:85:32:5e:11:cd:2a:76:c7:19:3b:bc:d7:06:29:
0b:df:a5:c1:c1:64:18:43:36:79:f2:71:ed:aa:ef:
9e:c3:49:6d:4e:90:1e:92:d6:22:e8:ce:13:0c:22:
a1:39:42:fa:08:35:28:10:d6:8e:85:a2:4a:26:54:
95:e0:56:38:e7:9a:f8:cf:80:5a:7f:5d:ce:d8:f2:
ac:9c:26:06:95:47:86:de:50:c7:0c:a7:71:61:6e:
f8:0d:19:aa:a7:ec:c2:fc:ce:e4:31:71:8a:9d:cb:
74:c8:81:bc:c8:c5:3c:ed:79:13:17:fb:dd:d3:8f:
12:9b:4e:e8:dc:22:5b:d0:bb:d8:f1:40:c9:a3:47:
70:10:1f:4f:0e:c9:b0:f1:24:00:0e:fe:a9:29:ae:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:69:5B:6A:32:D3:DE:85:B1:AB:11:37:81:F7:C2:40:7A:82:58:73
X509v3 Authority Key Identifier:
keyid:F1:24:65:BD:24:6F:22:31:1C:E9:B0:5E:EB:49:F7:B7:91:4B:2A:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8SRlvSRvIjEc6bBe60n3t5FLKgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/kWlbajLT3oWxqxE3gffCQHqCWHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/96fa68-f2b1-4aaf-b50f-91e27b9cfba6/1/8SRlvSRvIjEc6bBe60n3t5FLKgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2700::/29
Signature Algorithm: sha256WithRSAEncryption
b1:5f:e2:21:94:4f:ed:ab:f5:26:0a:37:7e:a9:d4:81:32:71:
06:f2:6b:21:db:70:be:ab:8b:60:ab:b2:f6:d5:4d:14:7c:3f:
05:38:7e:cf:8a:66:f9:66:7f:f1:13:b5:7b:ae:13:78:a6:69:
0b:c2:a4:df:4f:e1:39:33:cb:39:ba:ca:4a:70:75:9c:b1:02:
d9:63:73:2a:20:c0:f1:c6:6f:45:d1:34:4c:07:b3:5e:fe:16:
ed:21:33:68:71:71:d3:ae:04:71:69:4c:52:7c:47:83:d5:c5:
aa:17:ae:07:ab:8b:d0:cc:87:ba:23:de:92:9c:6d:42:e2:59:
f0:19:63:1f:70:6e:88:1b:f6:4e:1f:e6:eb:06:56:c8:f5:b3:
8a:20:36:5e:b0:44:b2:fc:9b:f5:8d:d8:23:68:89:df:07:cc:
49:dc:17:ee:21:7f:9a:b7:8c:07:c6:1d:aa:4a:35:54:90:76:
ee:70:d2:76:1c:26:1e:9c:0d:dd:ff:2d:f9:d6:7a:46:8b:5c:
ac:8a:40:d3:c7:b6:22:ff:d6:0f:4b:ec:ca:74:76:1b:c1:1d:
21:3f:99:27:fa:2d:bc:ff:01:74:c1:70:48:4a:7a:92:73:6f:
c1:69:cb:07:fb:9c:af:00:56:0d:cc:5c:68:6b:c9:16:c1:ca:
47:e1:fb:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiID8/F83CJMLOshj6I+wSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMjQ2NWJkMjQ2ZjIyMzExY2U5YjA1ZWViNDlmN2I3OTE0
YjJhMGEwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY5NWI2YTMyZDNkZTg1YjFhYjExMzc4MWY3YzI0MDdhODI1ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXD1ABYNrvRFIftrpvGYkUBLOM94
NbF9D36nudwitzOlXWhHbEcsR4UWJsLAfXPUqRSZxqRRoLQDuWLe3vSSH1DFO1/4
x7nuWOONwQHihZakcaF7EJdymwmDD4Fq0zxfYDvm666icD0ihTJeEc0qdscZO7zX
BikL36XBwWQYQzZ58nHtqu+ew0ltTpAektYi6M4TDCKhOUL6CDUoENaOhaJKJlSV
4FY455r4z4Baf13O2PKsnCYGlUeG3lDHDKdxYW74DRmqp+zC/M7kMXGKnct0yIG8
yMU87XkTF/vd048Sm07o3CJb0LvY8UDJo0dwEB9PDsmw8SQADv6pKa7KWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJFpW2oy096FsasRN4H3wkB6glhzMB8GA1UdIwQY
MBaAFPEkZb0kbyIxHOmwXutJ97eRSyoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFNSbHZTUnZJakVjNmJCZTYwbjN0NUZMS2dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NmZhNjgtZjJiMS00YWFmLWI1MGYt
OTFlMjdiOWNmYmE2LzEva1dsYmFqTFQzb1d4cXhFM2dmZkNRSHFDV0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NmZhNjgtZjJiMS00YWFmLWI1MGYtOTFlMjdiOWNmYmE2
LzEvOFNSbHZTUnZJakVjNmJCZTYwbjN0NUZMS2dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgcnADAN
BgkqhkiG9w0BAQsFAAOCAQEAsV/iIZRP7av1Jgo3fqnUgTJxBvJrIdtwvquLYKuy
9tVNFHw/BTh+z4pm+WZ/8RO1e64TeKZpC8Kk30/hOTPLObrKSnB1nLEC2WNzKiDA
8cZvRdE0TAezXv4W7SEzaHFx064EcWlMUnxHg9XFqheuB6uL0MyHuiPekpxtQuJZ
8BljH3BuiBv2Th/m6wZWyPWziiA2XrBEsvyb9Y3YI2iJ3wfMSdwX7iF/mreMB8Yd
qko1VJB27nDSdhwmHpwN3f8t+dZ6RotcrIpA08e2Iv/WD0vsynR2G8EdIT+ZJ/ot
vP8BdMFwSEp6knNvwWnLB/ucrwBWDcxcaGvJFsHKR+H78g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:52:55 2025 by rpki-client